Created
January 9, 2018 17:58
-
-
Save ronaldtse/11e7e3caf98781498ae431fd9f897065 to your computer and use it in GitHub Desktop.
An example of a X.509 certificate using SM2 / SM3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a) the serial number is 64 57 00 b7 00 00 02 f6 (dec is 7230248512745636598); | |
| b) the certificate is signed with SM2 and the SM3 hash algorithm; | |
| c) the issuer's distinguished name is CN=OSCCA SM2 CA, C=CN; | |
| d) and the subject's distinguished name is CN=用户名字, OU=部门名称,O=组织名称,S=省份名称,C=CN; | |
| e) the certificate was issued on March 22, 2011 and expired on March 29,2014; | |
| f) the certificate contains a 256 bit SM2 EC public key; | |
| g) the certificate is an end entity certificate (not a CA certificate); | |
| h) the certificate include an authority key identifier ,subject KeyIdentifier and basic constraints extensions; | |
| i) the certificate includes a critical key usage extension specifying the public is intended for generation of digital signatures; | |
| j) the certificate include a extend key usage extensions; | |
| 0000 30 200: SEQUENCE { | |
| 0004 30 1A5: SEQUENCE { | |
| 0008 A0 3: [0] { | |
| 000A 02 1: INTEGER 2 | |
| : } | |
| 000D 02 8: INTEGER | |
| : 64 57 00 B7 00 00 02 F6 | |
| 0017 30 C: SEQUENCE { | |
| 0019 06 8: OBJECT IDENTIFIER '1 2 156 10197 1 501' | |
| 0023 05 0: | |
| : } | |
| 0025 30 24: SEQUENCE { | |
| 0027 31 15: SET { | |
| 0029 30 13: SEQUENCE { | |
| 002B 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | |
| 0030 13 C: PrintableString 'OSCCA SM2 CA' | |
| : } | |
| : } | |
| 003E 31 B: SET { | |
| 0040 30 9: SEQUENCE { | |
| 0042 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | |
| 0047 13 2: PrintableString 'CN' | |
| : } | |
| : } | |
| : } | |
| 004B 30 1E: SEQUENCE { | |
| 004D 17 D: UTCTime '110322074444Z' | |
| 005C 17 D: UTCTime '140329074400Z' | |
| : } | |
| 006B 30 52: SEQUENCE { | |
| 006D 31 15: SET { | |
| 006F 30 13: SEQUENCE { | |
| 0071 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | |
| 0076 0C C: UTF8String '?ㄦ.峰..绉? | |
| : } | |
| : } | |
| 0084 31 15: SET { | |
| 0086 30 13: SEQUENCE { | |
| 0088 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11) | |
| 008D 0C C: UTF8String '?ㄩ.ㄥ..绉? | |
| : } | |
| : } | |
| 009B 31 15: SET { | |
| 009D 30 13: SEQUENCE { | |
| 009F 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | |
| 00A4 0C C: UTF8String '缁.缁.?.绉? | |
| : } | |
| : } | |
| 00B2 31 B: SET { | |
| 00B4 30 9: SEQUENCE { | |
| 00B6 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | |
| 00BB 13 2: PrintableString 'CN' | |
| : } | |
| : } | |
| : } | |
| 00BF 30 59: SEQUENCE { | |
| 00C1 30 13: SEQUENCE { | |
| 00C3 06 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) | |
| 00CC 06 8: OBJECT IDENTIFIER '1 2 156 10197 1 301' | |
| : } | |
| 00D6 03 42: BIT STRING 0 unused bits | |
| : 04 97 0A 71 9B CC 02 B4 6E E9 CC DF 59 2F 59 0B | |
| : 2D C7 5A AC B1 C7 B9 45 55 FE 07 E2 70 B3 83 9A | |
| : 4B EB 4C 37 A3 AD 5E FF BF 23 39 0C AD 36 9A EC | |
| : 58 B2 92 32 A0 CA 30 29 6F 0F F1 F8 35 F1 52 F6 | |
| : 76 | |
| : } | |
| 011A A3 90: [3] { | |
| 011D 30 8D: SEQUENCE { | |
| 0120 30 C: SEQUENCE { | |
| 0122 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) | |
| 0127 04 5: OCTET STRING | |
| : 30 03 01 01 00 | |
| : } | |
| 012E 30 1D: SEQUENCE { | |
| 0130 06 3: OBJECT IDENTIFIER extKeyUsage (2 5 29 37) | |
| 0135 04 16: OCTET STRING | |
| : 30 14 06 08 2B 06 01 05 05 07 03 02 06 08 2B 06 | |
| : 01 05 05 07 03 04 | |
| : } | |
| 014D 30 B: SEQUENCE { | |
| 014F 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) | |
| 0154 04 4: OCTET STRING | |
| : 03 02 00 C0 | |
| : } | |
| 015A 30 11: SEQUENCE { | |
| 015C 06 9: OBJECT IDENTIFIER | |
| : netscape-cert-type (2 16 840 1 113730 1 1) | |
| 0167 04 4: OCTET STRING | |
| : 03 02 00 80 | |
| : } | |
| 016D 30 1F: SEQUENCE { | |
| 016F 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35) | |
| 0174 04 18: OCTET STRING | |
| : 30 16 80 14 8E 7B 6D F4 CB 16 BC 42 79 80 22 80 | |
| : 92 49 97 1C EA BD D3 E5 | |
| : } | |
| 018E 30 1D: SEQUENCE { | |
| 0190 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) | |
| 0195 04 16: OCTET STRING | |
| : 04 14 1E 99 F3 37 A8 7E 1F 5D C8 B5 C4 D9 F6 94 | |
| : 2E A6 9C 24 9F 31 | |
| : } | |
| : } | |
| : } | |
| : } | |
| 01AD 30 C: SEQUENCE { | |
| 01AF 06 8: OBJECT IDENTIFIER '1 2 156 10197 1 501' | |
| 01B9 05 0: | |
| : } | |
| 01BB 03 47: BIT STRING 0 unused bits | |
| : 30 44 02 20 50 37 93 B4 0E 0F 1C 9D 3E EE 7F 7E | |
| : 02 BE BD 3E DE 01 27 27 20 82 EE 8F 0F 6F E4 8A | |
| : 36 3F 26 B9 02 20 B5 70 08 46 76 7B 6F 27 43 6C | |
| : BE D7 45 98 C4 5B 98 5C CB C8 1A 14 0E 2A 3B 03 | |
| : 55 CA BE F1 72 F2 | |
| : |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment